Technology has revolutionized business. However, along with all the advantages and benefits technology affords us, it comes with a few risks and vulnerabilities that some businesses are still struggling to come to terms with. For example, storing records electronically makes them easier to organize and locate when they’re needed. It also makes them vulnerable to hacker and cyber-attacks. Still, most SMBs are working toward mitigating risks as opposed to abandoning the use of technology in their business operations – and a current assessment of the situation does show improvement over past years.

The following statistics examine the current state of IT security for SMBs, as well as why these numbers should be of importance to you and your business.

 

  • Only 36 percent of organizations report being fully aware of employee activity on their network. From terminated employees with continued access to your network to current employees spending the day on social media instead of working and even to Internet of Things devices connecting without knowledge or permission of a company, there are all types of unauthorized access that a business network has to be aware of. This study is saying that only 1/3 of companies have an idea of what is happening on their network. When it comes to network access, what you don’t know can hurt you – and cost your company money!

 

  • The percentage of businesses that that have at least some control over employee activity on their network grew from 62 percent in 2016 to 85 percent in 2017. This statistic is one of the few significant positive changes that is highlighted in this business IT risk report. SMBs are finally starting to recognize the importance of access control when it comes to IT security. The truth is, many major security breaches are caused by human error (some of it intentional) from employees who access a network or parts of a network outside of their job with malicious intent.

 

  • 65 percent of respondents admitted to having security incidents in 2016; the most common reasons cited were malware and human errors. SMBs are being targeted regularly by cyber criminals. Many of these respondents have failed to take the proper network security measures, despite a security incident. Historically, many SMBs are involved in a full-scale cyber-attack and experience loss before they fully enact and enforce network security.

 

  • 48 percent of organizations that have to comply with any cyber security standard still struggle to ensure continuous compliance and provide complete evidence of it to auditors. Certain industries require SMBs to comply with cyber security standards and regulations, regardless of their size and network security experience. Moving forward, it will be more and more common for the entries requiring compliance to request proof of compliance, including policy implementation and compliance audits. For SMBs who can’t comply with these security regulations, it is recommended that they contact a third party IT provider, like Kite Technology Group for guidance.